The present disclosure generally relates to providing services, and more particularly to shifting instances of a service.
A service may be accessible over a network to accept and process client requests. The service may be a critical service that needs to be online and ready to accept and process client requests at any time. An attacker (e.g., a person or malicious software) may attempt to deliberately overload or congest the service to put it out of order. It may be difficult to protect the service from such an attacker because the attacker may congest the whole server on which the service is deployed.
A conventional solution is to authenticate the attacker. An authentication, however, may be unhelpful because the attacker may congest the service using login requests. Another convention solution is to detect suspicious activity. For example, traffic filtering and/or firewalls may be used to analyze a network to detect suspicious traffic and block it. This solution, however, may be unreliable because it may not reliably distinguish traffic that is malicious and traffic that is not malicious (e.g., from legitimate customers). Further, the filtering device may also be overloaded. This solution may be unhelpful for situations in which the service is a critical service because a customer's request may be filtered by the protection filter and may not arrive to the critical service in a timely manner.